Unrated severityNVD Advisory· Published Mar 6, 2026· Updated Mar 10, 2026
CVE-2025-69649
CVE-2025-69649
Description
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.
Affected products
10- GNU Binutils/readelfdescription
- osv-coords8 versionspkg:apk/chainguard/binutilspkg:apk/chainguard/binutils-devpkg:apk/chainguard/binutils-docpkg:apk/chainguard/binutils-goldpkg:apk/wolfi/binutilspkg:apk/wolfi/binutils-devpkg:apk/wolfi/binutils-docpkg:apk/wolfi/binutils-gold
< 2.46-r0+ 7 more
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
- (no CPE)range: < 2.46-r0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.